what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

SAP Mobile Platform DataVault Keystream Recovery

SAP Mobile Platform DataVault Keystream Recovery
Posted Aug 12, 2015
Authored by Fernando Russ | Site onapsis.com

The SAP Mobile Platform 3.0 SP5 has an API called DataVault, which is used to securely store data on mobile devices. Due to an incorrect implementation of the cryptographic algorithms and parameters, it is possible to recover the keystream for the encrypted data. As a result, it is possible to recover part of the plaintext corresponding to an encrypted piece of data thus reverting the encryption process of some values inside the DataVault without needing the original secret key. Furthermore, due to the lack of cryptographic integrity mechanisms in the SAP DataVault an attacker recovering this keystream has the possibility of re-encrypting (or modifying in practical terms) with some limitations, some values previously encrypted inside the DataVault.

tags | advisory
SHA-256 | cd43a3f66a460ba3e471e6f03fe9bed24f562a9b22ab386dc9a02fc1929d34f9

SAP Mobile Platform DataVault Keystream Recovery

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Onapsis Security Advisory 2015-010: SAP Mobile Platform DataVault
Keystream Recovery


1. Impact on Business
- ---------------------

By exploiting this vulnerability an attacker with access to a vulnerable
mobile device would be able to decrypt credentials and other sensitive
information stored in it, potentially being able to connect to other
business systems.

Risk Level: High


2. Advisory Information
- -----------------------

* Public Release Date: 2015-08-12
* Subscriber Notification Date: 2015-08-12
* Last Revised: 2015-08-12
* Security Advisory ID: ONAPSIS-2015-010
* Onapsis SVS ID: ONAPSIS-00149
* CVE: Not Assigned
* Researcher: Fernando Russ
* Initial Base CVSS v2: 5.4 (AV:L/AC:M/Au:N/C:C/I:P/A:N)


3. Vulnerability Information
- ----------------------------

* Vendor: SAP AG
* Affected Components:
* SAP Mobile Platform 3.0 SP05 ClientHub

* Vulnerability Class: Missing Required Cryptographic Step (CWE-325)
* Remotely Exploitable: No
* Locally Exploitable: Yes
* Authentication Required: No
* Original Advisory:
https://www.onapsis.com/research/security-advisories/SAP-Mobile-Platform-DataVault-Keystream-Recovery


4. Affected Components Description
- ----------------------------------

The SAP Mobile Platform 3.0 SP5 has an API called DataVault, which is
used to securely store data on mobile devices. As described by SAP AG
"[...] The DataVault APIs provide a secure way to persist and encrypt
data on the device. The data vault uses AES-256 symmetric encryption of
all its contents. The AES key is computed as a hash of the passcode
provided and a =E2=80=98salt=E2=80=99 value that can be supplied by the
device
application developer, or automatically generated through the API [...]"


5. Vulnerability Details
- ------------------------

Due to an incorrect implementation of the cryptografic algorithms and
parameters, it is possible to recover the keystream for the encrypted
data. As a result, it is possible to recover part of the plaintext
corresponding to an encrypted piece of data thus reverting the
encryption process of some values inside the DataVault without needing
the original secret key.

Furthermore, due to the lack of cryptographic integrity mechanisms in
the SAP DataVault an attacker recovering this keystream has the
possibility of re-encrypting (or modifying in practical terms) with some
limitations, some values previously encrypted inside the DataVault.


6. Solution
- -----------

Implement SAP Security Note 2094830.


7. Report Timeline
- ------------------

* 11/07/2014: Onapsis provides vulnerability information to SAP AG.
* 11/08/2014: SAP AG confirms having received the information.
* 04/08/2015: SAP AG releases SAP security note fixing the vulnerability
* 08/12/2015: Security Advisory is released.


About Onapsis Research Labs
- ---------------------------

Onapsis Research Labs provides the industry analysis of key security
issues that impact business-critical systems and applications.
Delivering frequent and timely security and compliance advisories with
associated risk levels, Onapsis Research Labs combine in-depth knowledge
and experience to deliver technical and business-context with sound
security judgment to the broader information security community.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
Comment: Onapsis Research Team

iEYEARECAAYFAlXLXUYACgkQz3i6WNVBcDU0lgCfbjB9R8+KN98m2z0lx0OkviFd
uaYAmwTpCAaK3YG2EoEWyMYIaVDjr7Hy
=SyWj
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    37 Files
  • 27
    Feb 27th
    34 Files
  • 28
    Feb 28th
    27 Files
  • 29
    Feb 29th
    8 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close